This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, next has been updated via c0119cfb3733d2bab481dcf65880cc3f08703d61 (commit) from 57bf7620699743fe14591c2f4050c947d276fd40 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit c0119cfb3733d2bab481dcf65880cc3f08703d61 Author: Arne Fitzenreiter arne_f@ipfire.org Date: Thu Apr 28 17:04:58 2016 +0200
samba: import rpc server and client fixes.
should fix: #11110
Signed-off-by: Arne Fitzenreiter arne_f@ipfire.org
-----------------------------------------------------------------------
Summary of changes: lfs/samba | 6 ++- ...-82fa625540abf8b8ec23d43c41e2ca906a9928a5.patch | 39 +++++++++++++++ ...-0abef6992dc342d443137f8a2ac6c01f490cecee.patch | 40 +++++++++++++++ ...-2d0424e7bb2c30bf9049529b207c73b55370dfc8.patch | 58 ++++++++++++++++++++++ 4 files changed, 142 insertions(+), 1 deletion(-) create mode 100644 src/patches/samba/1-samba.git-82fa625540abf8b8ec23d43c41e2ca906a9928a5.patch create mode 100644 src/patches/samba/2-samba.git-0abef6992dc342d443137f8a2ac6c01f490cecee.patch create mode 100644 src/patches/samba/3-samba.git-2d0424e7bb2c30bf9049529b207c73b55370dfc8.patch
Difference in files: diff --git a/lfs/samba b/lfs/samba index b58bf79..f771986 100644 --- a/lfs/samba +++ b/lfs/samba @@ -32,7 +32,7 @@ DL_FROM = $(URL_IPFIRE) DIR_APP = $(DIR_SRC)/$(THISAPP) TARGET = $(DIR_INFO)/$(THISAPP) PROG = samba -PAK_VER = 61 +PAK_VER = 62
DEPS = "cups krb5"
@@ -88,6 +88,10 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/CVE-2016-2118-v3-6.patch cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/CVE-2015-5370-v3-6.patch
+ cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/1-samba.git-82fa625540abf8b8ec23d43c41e2ca906a9928a5.patch + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/2-samba.git-0abef6992dc342d443137f8a2ac6c01f490cecee.patch + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/samba/3-samba.git-2d0424e7bb2c30bf9049529b207c73b55370dfc8.patch + cd $(DIR_APP)/source3 && ./autogen.sh cd $(DIR_APP)/source3 && ./configure \ --prefix=/usr \ diff --git a/src/patches/samba/1-samba.git-82fa625540abf8b8ec23d43c41e2ca906a9928a5.patch b/src/patches/samba/1-samba.git-82fa625540abf8b8ec23d43c41e2ca906a9928a5.patch new file mode 100644 index 0000000..ec449c3 --- /dev/null +++ b/src/patches/samba/1-samba.git-82fa625540abf8b8ec23d43c41e2ca906a9928a5.patch @@ -0,0 +1,39 @@ +From 82fa625540abf8b8ec23d43c41e2ca906a9928a5 Mon Sep 17 00:00:00 2001 +From: Andreas Schneider asn@samba.org +Date: Fri, 15 Apr 2016 11:56:08 +0200 +Subject: [PATCH] s3:rpc_server: Fix a regression verifying the security + trailer + +We do not support header signing so we should not check verify it if a +client sends the flag. + +Signed-off-by: Andreas Schneider asn@samba.org +Reviewed-by: Guenther Deschner gd@samba.org +--- + source3/rpc_server/srv_pipe.c | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c +index d659705..fa354a6 100644 +--- a/source3/rpc_server/srv_pipe.c ++++ b/source3/rpc_server/srv_pipe.c +@@ -1552,7 +1552,6 @@ static bool srv_pipe_check_verification_trailer(struct pipes_struct *p, + { + TALLOC_CTX *frame = talloc_stackframe(); + struct dcerpc_sec_verification_trailer *vt = NULL; +- const uint32_t bitmask1 = 0; + const struct dcerpc_sec_vt_pcontext pcontext = { + .abstract_syntax = pipe_fns->syntax, + .transfer_syntax = ndr_transfer_syntax, +@@ -1573,7 +1572,7 @@ static bool srv_pipe_check_verification_trailer(struct pipes_struct *p, + goto done; + } + +- ret = dcerpc_sec_verification_trailer_check(vt, &bitmask1, ++ ret = dcerpc_sec_verification_trailer_check(vt, NULL, + &pcontext, &header2); + done: + TALLOC_FREE(frame); +-- +1.9.1 + diff --git a/src/patches/samba/2-samba.git-0abef6992dc342d443137f8a2ac6c01f490cecee.patch b/src/patches/samba/2-samba.git-0abef6992dc342d443137f8a2ac6c01f490cecee.patch new file mode 100644 index 0000000..074653c --- /dev/null +++ b/src/patches/samba/2-samba.git-0abef6992dc342d443137f8a2ac6c01f490cecee.patch @@ -0,0 +1,40 @@ +From 0abef6992dc342d443137f8a2ac6c01f490cecee Mon Sep 17 00:00:00 2001 +From: Christian Ambach ambi@samba.org +Date: Wed, 20 Feb 2013 16:59:05 +0100 +Subject: [PATCH] s3:rpc_client fix a crash + +state->cli->dc does not have to be set (e.g. when running +net rpc join against an older Samba PDC), so check it before dereferencing it + +This fixes Bug 9669 - net rpc join crashes against a Samba 3.0.33 PDC + +Bug: https://bugzilla.samba.org/show_bug.cgi?id=9669 + +Signed-off-by: Christian Ambach ambi@samba.org +Reviewed-by: Andreas Schneider asn@samba.org + +Autobuild-User(master): Christian Ambach ambi@samba.org +Autobuild-Date(master): Wed Feb 20 19:00:52 CET 2013 on sn-devel-104 +(cherry picked from commit 3d29bb2d37b02909ecb500e864f3c13e06957a86) + +(cherry picked from commit ff658bb36c28c9db91fc80a68725e893ffe300aa) +--- + source3/rpc_client/cli_pipe.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c +index 5ddabb7..a211d92 100644 +--- a/source3/rpc_client/cli_pipe.c ++++ b/source3/rpc_client/cli_pipe.c +@@ -2136,7 +2136,7 @@ static void rpc_pipe_bind_step_two_done(struct tevent_req *subreq) + status = dcerpc_netr_LogonGetCapabilities_r_recv(subreq, talloc_tos()); + TALLOC_FREE(subreq); + if (NT_STATUS_EQUAL(status, NT_STATUS_RPC_PROCNUM_OUT_OF_RANGE)) { +- if (state->cli->dc->negotiate_flags & ++ if (state->cli->dc && state->cli->dc->negotiate_flags & + NETLOGON_NEG_SUPPORTS_AES) { + DEBUG(5, ("AES is not supported and the error was %s\n", + nt_errstr(status))); +-- +1.9.1 + diff --git a/src/patches/samba/3-samba.git-2d0424e7bb2c30bf9049529b207c73b55370dfc8.patch b/src/patches/samba/3-samba.git-2d0424e7bb2c30bf9049529b207c73b55370dfc8.patch new file mode 100644 index 0000000..75aedd8 --- /dev/null +++ b/src/patches/samba/3-samba.git-2d0424e7bb2c30bf9049529b207c73b55370dfc8.patch @@ -0,0 +1,58 @@ +From 2d0424e7bb2c30bf9049529b207c73b55370dfc8 Mon Sep 17 00:00:00 2001 +From: Andreas Schneider asn@samba.org +Date: Tue, 10 Jan 2012 16:38:16 +0100 +Subject: [PATCH] s3-rpc_client: Fix updating netlogon credentials. +MIME-Version: 1.0 +Content-Type: text/plain; charset=utf8 +Content-Transfer-Encoding: 8bit + +Signed-off-by: Günther Deschner gd@samba.org +(cherry picked from commit 33206b1e240e55acedad606aed4f1952f7496b35) +--- + source3/rpc_client/cli_pipe.c | 15 +++++++-------- + 1 file changed, 7 insertions(+), 8 deletions(-) + +diff --git a/source3/rpc_client/cli_pipe.c b/source3/rpc_client/cli_pipe.c +index a211d92..92ca494 100644 +--- a/source3/rpc_client/cli_pipe.c ++++ b/source3/rpc_client/cli_pipe.c +@@ -2128,9 +2128,6 @@ static void rpc_pipe_bind_step_two_done(struct tevent_req *subreq) + struct rpc_pipe_bind_state *state = + tevent_req_data(req, + struct rpc_pipe_bind_state); +- struct schannel_state *schannel_auth = +- talloc_get_type_abort(state->cli->auth->auth_ctx, +- struct schannel_state); + NTSTATUS status; + + status = dcerpc_netr_LogonGetCapabilities_r_recv(subreq, talloc_tos()); +@@ -2188,8 +2185,8 @@ static void rpc_pipe_bind_step_two_done(struct tevent_req *subreq) + return; + } + +- TALLOC_FREE(schannel_auth->creds); +- schannel_auth->creds = talloc_steal(state->cli, state->creds); ++ TALLOC_FREE(state->cli->dc); ++ state->cli->dc = talloc_steal(state->cli, state->creds); + + if (!NT_STATUS_IS_OK(state->r.out.result)) { + DEBUG(0, ("dcerpc_netr_LogonGetCapabilities_r_recv failed with %s\n", +@@ -3385,10 +3382,12 @@ NTSTATUS cli_rpc_pipe_open_schannel_with_key(struct cli_state *cli, + * The credentials on a new netlogon pipe are the ones we are passed + * in - copy them over + */ +- result->dc = netlogon_creds_copy(result, *pdc); + if (result->dc == NULL) { +- TALLOC_FREE(result); +- return NT_STATUS_NO_MEMORY; ++ result->dc = netlogon_creds_copy(result, *pdc); ++ if (result->dc == NULL) { ++ TALLOC_FREE(result); ++ return NT_STATUS_NO_MEMORY; ++ } + } + + DEBUG(10,("cli_rpc_pipe_open_schannel_with_key: opened pipe %s to machine %s " +-- +1.9.1 +
hooks/post-receive -- IPFire 2.x development tree